The saga of Tapplock One - the super hackable smart lock gets a fix

It might not be game over for the fingerprint padlock

The saga of Tapplock One
The Ambient is reader-powered. If you click through using links on the site, we may earn an affiliate commission. Learn more

The Tapplock One smart padlock has been getting attention this week for all the wrong reasons. The $84 smart lock, which opens via a fingerprint sensor and raised $330k on Indiegogo, has been hacked by both a security firm scanning for Bluetooth devices and a YouTube star with a suction cup.

Not great. Andrew Tierney from Pen Test Partners has done a blog post about how you can open the Tapplock in two seconds by "sniffing" Bluetooth Low Energy data from the Tapplock's ability to share access with friends and family and using the key to open the lock. Tierney writes that it "requires no skill or knowledge" to hack the lock. (He also suggests the Ring Video Doorbell is susceptible to the same hack).

Read this: Getting started with Ring - essential guide

Tapplock says it is pushing out a security firmware update to address the Bluetooth vulnerability, namechecking Pen Test Partners - we'll look out to see if Tierney or any other security experts are able to test out another lock once this has rolled out. We haven't tested the Tapplock here at The Ambient yet.

All this came after JerryRigEverything posted a YouTube video of how he was able to open the lock with a suction cup. It's already got 1.5 million views but turns out Tapplock says his padlock was defective - specifically that a spring pin wasn't inserted correctly. Plus CNET has tried out a bunch of suction cups and not been able to replicate the hack.

So Tapplock is dealing with both physical and digital issues. Still it's not a good look especially as when Tierney alerted them, the Canadian startup replied that it was already aware of the issues but at that point didn't appear to have told any customers.

It's not good press for smart locks in general, either, as there's legitimate concerns about how secure they really are. Let us know in the comments below if you'd feel comfortable locking up valuables or your whole house with this or another smart lock.

Source: CNET

TAGGED    security systems

Related stories

security systems DIY smart alarms: The best home security system
security systems Ring settles with ADT in legal spat: RIP the Ring Outdoor Siren
security systems Ring unveils new device trio: Outdoor Smart Plug, Ring Wall Light Solar and Outdoor Siren
security systems Blue By ADT review: A DIY security system with professional backing
Smart Locks Yale Linus Smart Door Lock review
security systems Hex Home is a Wi-Fi sensing home security system